Here is a community technical preview that just became available.  It describes some common patterns to secure your web services.  This is a great read, and really simplifies the whole mystique around how to use the WS-Security.

 http://practices.gotdotnet.com/projects/sopatterns